Privacy Policy
Last updated:
This Privacy Policy explains how personal and related data are processed when you use the website and services of FazerCards Reseller, a B2B marketplace and API for reseller digital goods. We keep it concrete: what we collect, why, how long, and what you can do about it.
1. Who processes data and scope
The operator processing data for the FazerCards Reseller platform is the party providing the website and related software ("we", "the Service"). This Policy covers data you provide when you register, sign in to the reseller or partner hub, pay for a subscription, use the API, contact support, or browse the site (including via cookies).
We do not sell your personal data as a commodity. Sharing occurs only as described below (contract performance, legal obligation, vetted processors).
2. Data we may collect and retain
The exact set depends on how you use the Service. Typical categories include:
- Account data: email address, nickname (login), password stored using one-way hashing, internal user identifier
- Technical metadata: IP address and request details (time, user-agent, API routes when using an API key), error and security logs
- Billing and subscription data: plan tier, balance and subscription events inside the Service, payment status (we do not store full card data—payment processors handle that)
- Support interactions: messages you send, files or log excerpts you voluntarily attach
- Partner program data: referral links, promo codes, commission statistics, payout details you submit for withdrawals
- API keys and session tokens needed to access the API and web panel (stored in a form that allows verification without always keeping secrets in plain text where applicable).
3. Purposes and legal bases
We process data to:
• perform our contract with you (catalog, API access, subscription, wallet); • secure the Service and prevent fraud or abuse; • run partner commissions and referral accounting; • respond to requests and keep the Service running; • meet legal duties (tax/accounting records, lawful requests from authorities).
Legal bases include contract performance, consent where we ask separately (e.g. optional marketing), legitimate interests (security, abuse prevention), and legal obligation where applicable.
4. Cookies and similar technologies
We may use cookies and similar tools for session operation (sign-in, preferences, CSRF protection where implemented) and basic traffic analytics. You can limit or delete cookies in your browser; some features may stop working without essential cookies.
5. Payments
Subscription and balance top-ups are handled by payment partners. We receive the minimum data needed for accounting (transaction id, status, amount, currency, sometimes masked details). Full card numbers are not stored on our servers. Their privacy terms govern payment-side processing.
6. Processors and transfers
We may use infrastructure and service providers (hosting, CDN, email, monitoring, anti-fraud) under appropriate agreements with access limited to what they need. Some processing may occur outside your country; where required, we aim to use appropriate safeguards. Disclosure to public authorities happens only on a lawful basis and to the extent required.
7. Retention
Account data is kept while your account is active and needed to provide the Service. After closure, some records may remain for a limited period in backups or where law, tax, dispute resolution, or defense of legal claims requires it—only as long as justified. Technical and security logs may follow separate rotation windows (for example a few months) unless longer retention is needed for investigations.
8. Security
We apply organizational and technical measures such as HTTPS in transit, restricted production access, role separation, password hashing, and monitoring. No online service is perfectly secure; if we discover an incident that risks your rights, we act per applicable law (including notification where required).
9. Your rights
Depending on applicable law (including GDPR where it applies to our processing), you may have rights to access, rectification, erasure (subject to contract/legal exceptions), restriction, objection, portability, and withdrawal of consent where processing is consent-based.
To exercise rights, contact us via the channels on this site with subject "Personal data" and describe your request; we respond within a reasonable time. You may also lodge a complaint with a supervisory authority where you live or work.
10. Children
The Service is aimed at businesses and legally capable operators, not children. We do not knowingly collect data from children under 14 (or the age threshold in your jurisdiction). If you believe we received a child's data without proper consent, contact us for deletion.
11. Changes
We may update this Policy; the date at the top will change. Material changes may be highlighted on the site or by email where appropriate. Continued use after updates may, where permitted by law, mean you accept the new version for non-consent-based processing.
12. Contact
For privacy questions and rights requests, use the email and channels listed on our contacts page.
For data questions and privacy requests, use our contact page. Contacts.